spotify-api-graphql-console
spotify-api-graphql-console copied to clipboard
Published
20 hours ago β’
charlypoly
charlypoly
[Snyk] Security upgrade graphiql from 0.9.3 to 0.10.2
trafficstars
Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.
β¨What is Merge Advice?
We check thousands of dependency upgrade pull requests and CI tests every day to see which upgrades were successfully merged. After crunching this data, we give a recommendation on how safe we think the change is for you to merge without causing issues. Learn more, and share your feedback to help improve this feature. πChanges included in this PR
- Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- package.json
- package-lock.json
Vulnerabilities that will be fixed
With an upgrade:
| Severity | Issue | Breaking Change | Exploit Maturity |
|---|---|---|---|
 |
Regular Expression Denial of Service (ReDoS) SNYK-JS-CODEMIRROR-569611 |
No | No Known Exploit |
Commit messages
Package name: graphiql
The new version differs by 209 commits.- 521f471 0.10.2
- 4a1cfbd Merge pull request #455 from wincent/glh/react-dep
- 4922c74 Loosen React peer dependency
- 9b96944 Merge pull request #454 from wincent/glh/codemirror-peer
- aee8252 Loosen codemirror peer-dependency
- 520245f Merge pull request #452 from graphql/greenkeeper/codemirror-graphql-0.6.4
- 7d6c838 Freshen yarn.lock
- d2262bd chore(package): update codemirror-graphql to version 0.6.4
- a76aa7e Freshen yarn.lock
- 138cb67 Merge pull request #450 from graphql/greenkeeper/jsdom-10.1.0
- 64d01a8 chore(package): update jsdom to version 10.1.0
- 01a504b Freshen yarn.lock
- 34e5dbc Merge pull request #449 from graphql/greenkeeper/flow-bin-0.45.0
- 67dfea4 chore(package): update flow-bin to version 0.45.0
- 4c974c2 Merge pull request #447 from graphql/greenkeeper/jsdom-10.0.0
- 35ba43a Update to accommodate new jsdom APIs
- 62f54ae chore(package): update jsdom to version 10.0.0
- 2e1bf18 Merge pull request #448 from graphql/greenkeeper/mocha-3.3.0
- 3875041 Merge pull request #446 from graphql/greenkeeper/flow-bin-0.44.2
- 0b01116 chore(package): update mocha to version 3.3.0
- bc9fbae chore(package): update flow-bin to version 0.44.2
- 97bb1b7 Freshen yarn.lock
- b24cbf6 Merge pull request #445 from graphql/greenkeeper/postcss-cli-3.2.0
- dbedc62 chore(package): update postcss-cli to version 3.2.0
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
π§ View latest project report
π Read more about Snyk's upgrade and patch logic
